Manual:$wgAllowSecuritySensitiveOperationIfCannotReauthenticate
| 認証: $wgAllowSecuritySensitiveOperationIfCannotReauthenticate | |
|---|---|
| 再認証が不可能な場合に機密性の高いセキュリティ操作を許可するかどうか |
|
| 導入されたバージョン: | 1.27.0 (Gerrit change 195297; git #d245bd25) |
| 除去されたバージョン: | 使用中 |
| 許容される値: | (操作 => true または false の連想配列。 default キーは必ず指定してください。) |
| 既定値: | [ 'default' => true, ] |
| その他の設定: アルファベット順 | 機能順 | |
Normally when the user attempts a security-sensitive operation (such as a password or email address change) and the last login was more than $wgReauthenticateTime seconds ago, MediaWiki sends them through the login page again.
When the user is authenticating via an immutable session (such as OAuth; more generally, those provided by a SessionProvider which returns false for canChangeUser()), login is not possible.
This configuration setting decides whether the user is allowed to perform the operation in such a case.